🚨 Balancer potentially exploited! $70.9M moved to a fresh wallet. Tokens moved: - 6.85K $OSETH - 6.59K $WETH - 4.26K $wSTETH

Sources @atoms_res & @nansen_ai

@atoms_res @nansen_ai manageUserBalance has a faulty access check In _validateUserBalanceOp it checks msg.sender against user supplied op.sender. It allows to execute UserBalanceOpKind.WITHDRAW_INTERNAL (kind = 1) Source: @DefimonAlerts

@atoms_res @nansen_ai @DefimonAlerts It’s like 120-130mm+ atm This seems to be the actual exploit txn, btw, the one from X is just the withdrawal.

@atoms_res @nansen_ai @DefimonAlerts these are the last txs before hack started on EURe on Gnosis Balancer v2 vault: the EURe/SDAI pool is emptied:

@atoms_res @nansen_ai @DefimonAlerts Looks like oracle manipulation?..

@atoms_res @nansen_ai @DefimonAlerts . @Polymarket has a market running for 100m+ exploit before 2026…

@atoms_res @nansen_ai @DefimonAlerts @Polymarket The project team commented on the incident: «We’re aware of a potential exploit impacting Balancer v2 pools. Our engineering and security teams are investigating with high priority. We’ll share verified updates and next steps as soon as we have more information.»

@atoms_res @nansen_ai @DefimonAlerts @Polymarket 128m$ damage until now, still no more details.